-
Vulnerability Description

Windows contains a flaw that may allow a malicious user to execute arbitrary code. The issue is triggered when Internet Explorer does not properly call interface arguments when instantiating COM components in devenum.dll. It is possible that the flaw may allow arbitrary code execution resulting in a loss of integrity.

-
Timeline

Disclosure date: 2005-08-09

Discovery date: 2005-07-13

Exploit date: 2005-08-11

Solution date: 2005-08-09

-
Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, Microsoft has released a patch to address this vulnerability.

-
Vulnerability Discussion

Microsoft Internet Explorer is prone to a buffer-overflow vulnerability that is exposed when certain COM objects are instantiated as ActiveX controls. A malicious webpage could pass content to these objects to trigger memory corruption.

Successful exploits could let remote attackers execute arbitrary code in the context of the currently logged-in user.

-
Exploit

UPDATE: Core Security Technologies has developed a working commercial exploit for its CORE IMPACT product. This exploit is not otherwise publicly available or known to be circulating in the wild.

Proof-of-concept code (ie_com_poc.pl) has been supplied by Ben Hege <kho7o@yahoo.de>.

Proof-of-concept code (ms05038.c) has been supplied by Ben Hege <zwell@sohu.com>.

-
Solution

Microsoft has released fixes to address supported versions of the software. Fixes for Internet Explorer on Windows 98/98SE/ME may be obtained through Windows Update.

Microsoft has updated the security bulletin for this issue to reflect the availability of updated fixes. This is due to an issue with Systems Management Server (SMS) and the original fixes. Users who updated using Automatic Update, Windows Update, Microsoft Update, and Windows Server Update Services (WSUS) do not need to reapply the fixes.